CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Jenkins 1Owasp Dependency Track Jun 17, 2026 Mar 30, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A cross-site request forgery (CSRF) vulnerability in Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL, capturing credentials stored in Jenkins. |
1Jenkins 1Owasp Dependency Track Jun 17, 2026 Mar 30, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A missing permission check in Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL, capturing credentials stored in Jenkins. |